mirror of
https://github.com/brmlab/brmdoor_libnfc.git
synced 2025-06-06 23:54:00 +02:00
110 lines
3.8 KiB
Python
Executable file
110 lines
3.8 KiB
Python
Executable file
#!/usr/bin/env python
|
|
|
|
"""
|
|
Adds user into database of authorized users.
|
|
"""
|
|
|
|
import sys
|
|
import sqlite3
|
|
|
|
from optparse import OptionParser
|
|
|
|
from brmdoor_nfc_daemon import BrmdoorConfig
|
|
|
|
def addUidAuth(cursor, uid_hex, nick):
|
|
"""
|
|
Add user authenticated by UID. UID should be in hex, 4, 7 or 10 bytes long.
|
|
"""
|
|
try:
|
|
uid_hex.decode("hex")
|
|
sql = """INSERT INTO authorized_uids
|
|
(uid_hex, nick)
|
|
values (?, ?)
|
|
"""
|
|
sql_data = (uid_hex, nick)
|
|
cursor.execute(sql, sql_data)
|
|
except TypeError:
|
|
print >> sys.stderr, "UID must be in proper hex encoding"
|
|
sys.exit(1)
|
|
|
|
def addHmacAuth(cursor, uid_hex, nick, key_hex):
|
|
"""
|
|
Add user authenticated by Yubikey HMAC-SHA1. UID should be in hex, 4, 7
|
|
or 10 bytes long. HMAC key in key_hex must be exactly 20 bytes in hex.
|
|
"""
|
|
try:
|
|
uid_hex.decode("hex")
|
|
if len(key_hex.decode("hex")) != 20:
|
|
print >> sys.stderr, "Key must be exactly 20 bytes long!"
|
|
sys.exit(1)
|
|
sql = """INSERT INTO authorized_hmac_keys
|
|
(uid_hex, nick, key_hex)
|
|
VALUES (?, ?, ?)
|
|
"""
|
|
sql_data = (uid_hex, nick, key_hex)
|
|
cursor.execute(sql, sql_data)
|
|
except TypeError:
|
|
print >> sys.stderr, "UID and key must be in proper hex encoding"
|
|
sys.exit(1)
|
|
|
|
def addNdefAuth(cursor, uid_hex, nick):
|
|
"""
|
|
Add user authenticated by NDEF message on Desfire. UID should be in hex, 4, 7 or 10 bytes long.
|
|
"""
|
|
try:
|
|
uid_hex.decode("hex")
|
|
sql = """INSERT INTO authorized_desfires
|
|
(uid_hex, nick)
|
|
values (?, ?)
|
|
"""
|
|
sql_data = (uid_hex, nick)
|
|
cursor.execute(sql, sql_data)
|
|
except TypeError:
|
|
print >> sys.stderr, "UID must be in proper hex encoding"
|
|
sys.exit(1)
|
|
|
|
if __name__ == "__main__":
|
|
parser = OptionParser()
|
|
parser.add_option("-c", "--config", action="store", type="string", dest="config",
|
|
help="Configuration file")
|
|
parser.add_option("-a", "--authtype", action="store", type="string", dest="authtype",
|
|
help="Authenthication type - uid, hmac or ndef")
|
|
(opts, args) = parser.parse_args()
|
|
|
|
if opts.config is None:
|
|
print >> sys.stderr, "You must specify config file via the -c option!"
|
|
parser.print_help()
|
|
sys.exit(1)
|
|
|
|
if opts.authtype not in ["uid", "hmac", "ndef"]:
|
|
print >> sys.stderr, "You must specify authentication type via -a option!"
|
|
print >> sys.stderr, "Acceptable choices: uid, hmac, ndef"
|
|
sys.exit(1)
|
|
|
|
config = BrmdoorConfig(opts.config)
|
|
conn = sqlite3.connect(config.authDbFilename)
|
|
cursor = conn.cursor()
|
|
|
|
if opts.authtype == "uid":
|
|
if len(args) < 2:
|
|
print >> sys.stderr, "You must two additional arguments, hex UID and nick"
|
|
print >> sys.stderr, "Example:"
|
|
print >> sys.stderr, "brmdoor_adduser.py -c brmdoor.config -a uid 34795FCC SomeUserName"
|
|
sys.exit(1)
|
|
addUidAuth(cursor, args[0], args[1])
|
|
elif opts.authtype == "hmac":
|
|
if len(args) < 3:
|
|
print >> sys.stderr, "You must three additional arguments, hex UID and nick and hex key"
|
|
print >> sys.stderr, "brmdoor_adduser.py -c brmdoor.config -a hmac 40795FCCAB0701 SomeUserName 000102030405060708090a0b0c0d0e0f31323334"
|
|
sys.exit(1)
|
|
addHmacAuth(cursor, args[0], args[1], args[2])
|
|
elif opts.authtype == "ndef":
|
|
if len(args) < 2:
|
|
print >> sys.stderr, "You must two additional arguments, hex UID and nick"
|
|
print >> sys.stderr, "Example:"
|
|
print >> sys.stderr, "brmdoor_adduser.py -c brmdoor.config -a ndef 34795FCC SomeUserName"
|
|
sys.exit(1)
|
|
addNdefAuth(cursor, args[0], args[1])
|
|
|
|
conn.commit()
|
|
conn.close()
|